Firenode™

Today, the best practice for system security focuses on the perimeter. This certainly makes sense, but no one has yet come up with a perfect perimeter defense. Even worse, because so much time and attention is invested in the perimeter, when an intruder does succeed in penetrating it, it can often take a long time before they are discovered, giving them plenty of time to break into relatively unguarded systems behind it.

The perimeter defense is only viable in the data center. Today, with the advent of home networks and the Internet of Things (IoT), intelligent, connected devices are turning up everywhere and in everything. Because the sophistication of end-point security lags behind that of the perimeter, and because the economics of producing great quantities of these devices demands low costs, they often become easy targets for attackers, with devastating results.

IDfusion decided that a new approach was needed. Using our experience with identities and drawing on theories from fields such as quantum mechanics (eigenvalues and eigenvectors), we developed a new way of digitally describing a running system’s behavior (called a measurement). This breakthrough allows a system developer to “record” the complete running state of a system including the operating system and application software.

IDfusion went on to develop a monitoring system that uses the system measurement to verify everything the system does and to prevent any behavior that falls outside of its measurement state. Using IDfusion’s system, the developer can predetermine the response to such behavior: rebooting, shutting down, or blocking the action and continuing. Forensic information about what caused the system to go out of measurement is recorded, which assists the developer in determining what happened and in developing a solution if necessary.
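The following is an added illustration of the record-then-enforce model described above; it is not Firenode™ or IDfusion code, and it does not reproduce the eigenvalue-based measurement the page refers to. It assumes, for illustration only, that a behavior is a (subject, action, target) triple, that the measurement is the set of SHA-256 values of the behaviors seen during a trusted run, and that the three responses named on the page (block and continue, shutdown, reboot) are selected up front by the developer. All events are constructed sample data.

```python
import hashlib
from dataclasses import dataclass
from enum import Enum


class Response(Enum):
    """Predetermined response when a behavior falls outside the measurement."""
    BLOCK = "block and continue"
    SHUTDOWN = "shutdown"
    REBOOT = "reboot"


@dataclass(frozen=True)
class Behavior:
    """One security-relevant event: who did what to which object (assumed shape)."""
    subject: str
    action: str
    target: str

    def point(self) -> str:
        # Reduce the event to a fixed-size value; the measurement is a set of these.
        raw = f"{self.subject}\x00{self.action}\x00{self.target}".encode()
        return hashlib.sha256(raw).hexdigest()


@dataclass(frozen=True)
class ForensicRecord:
    """What was recorded when the system went out of measurement."""
    behavior: Behavior
    point: str
    response: Response


class MeasurementMonitor:
    def __init__(self, response: Response) -> None:
        self.response = response
        self.points: set[str] = set()
        self.sealed = False       # recording finished, enforcement active
        self.halted = False       # a shutdown/reboot response was triggered
        self.forensics: list[ForensicRecord] = []

    def record(self, behavior: Behavior) -> None:
        """Recording phase: add a behavior observed during the trusted run."""
        if self.sealed:
            raise RuntimeError("measurement is sealed; cannot record")
        self.points.add(behavior.point())

    def seal(self) -> str:
        """Freeze the measurement and return a digest that identifies it."""
        self.sealed = True
        return self.digest()

    def digest(self) -> str:
        # Order-independent digest so two equivalent measurements compare equal.
        h = hashlib.sha256()
        for p in sorted(self.points):
            h.update(bytes.fromhex(p))
        return h.hexdigest()

    def check(self, behavior: Behavior) -> bool:
        """Enforcement phase: True if the behavior is permitted to proceed."""
        if not self.sealed:
            raise RuntimeError("measurement not sealed; call seal() first")
        if self.halted:
            return False
        point = behavior.point()
        if point in self.points:
            return True
        # Out of measurement: keep forensics, then apply the configured response.
        self.forensics.append(ForensicRecord(behavior, point, self.response))
        if self.response is not Response.BLOCK:
            self.halted = True
        return False


def run_demo(response: Response = Response.BLOCK) -> dict:
    """Record a constructed trusted run, then enforce against constructed live events."""
    mon = MeasurementMonitor(response)
    trusted_run = [
        Behavior("webapp", "open", "/var/www/index.html"),
        Behavior("webapp", "connect", "db.internal:5432"),
        Behavior("webapp", "open", "/var/log/webapp.log"),
    ]
    for b in trusted_run:
        mon.record(b)
    digest = mon.seal()

    live_events = [
        Behavior("webapp", "open", "/var/www/index.html"),   # in measurement
        Behavior("webapp", "exec", "/bin/sh"),               # not in measurement
        Behavior("webapp", "connect", "db.internal:5432"),   # in measurement
    ]
    verdicts = [mon.check(b) for b in live_events]
    return {
        "digest": digest,
        "verdicts": verdicts,
        "halted": mon.halted,
        "violations": [(r.behavior.action, r.behavior.target) for r in mon.forensics],
    }


if __name__ == "__main__":
    for r in Response:
        print(r.value, run_demo(r))
```

With the block-and-continue response the unknown `exec` event is denied and the run goes on; with shutdown or reboot the monitor halts at the first violation, so later events are refused as well. In every case the forensic record captures exactly the event that left the measurement, which is the information the page says is kept for the developer.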

The Firenode™ device also offers self-attestation for the hardware and system image using Intel’s Trusted Execution Technology (TXT). At boot, the system performs an integrity check that verifies the hardware and system image are unmodified before the system starts running, after which the measurement system takes over ensuring system integrity.

The end result is a completely autonomous system capable of ensuring its integrity before it starts execution and then providing real-time monitoring of the running state. This provides a developer with an extremely secure platform for the most sensitive applications. It does not guarantee that the system can never be broken into, but it does guarantee that no behavior outside of the system measurement can ever occur and that the developer will be notified if such behavior is attempted.